<?php

namespace App\Http\Middleware;

use Closure;
use Illuminate\Support\Facades\Auth;
use Entrust;
use Route;

class PermissionsCheck
{
    /**
     * Handle an incoming request.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure  $next
     * @param  string|null  $guard
     * @return mixed
     */
    public function handle($request, Closure $next)
    {
        $currRouteName = Route::currentRouteName(); // 当前路由别名
        if($request->user()->is_super_administrator === 1 || $request->user()->can($currRouteName)){
            return $next($request);
        }else{
            //判断是否是ajax访问
            if ($request->ajax()) {
                return response('Unauthorized.', 401);
            } else {
                //跳没有权限页面
                return redirect('no-permissions');
            }
        }
    }
}
